MetaDefender Kiosk
by OPSWAT
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-52925 | Med | 0.44 | 6.8 | 0.00 | Feb 26, 2025 | In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution can be performed by an attacker via the MD Kiosk Unlock Device feature for software encrypted USB drives. | ||
| CVE-2023-36659 | 0.00 | — | 0.01 | Sep 15, 2023 | An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service (loss of communication). | |||
| CVE-2023-36658 | 0.00 | — | 0.00 | Sep 15, 2023 | An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. It has an unquoted service path that can be abused locally. | |||
| CVE-2023-36657 | 0.00 | — | 0.01 | Sep 15, 2023 | An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Built-in features of Windows (desktop shortcuts, narrator) can be abused for privilege escalation. |
- risk 0.44cvss 6.8epss 0.00
In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution can be performed by an attacker via the MD Kiosk Unlock Device feature for software encrypted USB drives.
- CVE-2023-36659Sep 15, 2023risk 0.00cvss —epss 0.01
An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service (loss of communication).
- CVE-2023-36658Sep 15, 2023risk 0.00cvss —epss 0.00
An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. It has an unquoted service path that can be abused locally.
- CVE-2023-36657Sep 15, 2023risk 0.00cvss —epss 0.01
An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Built-in features of Windows (desktop shortcuts, narrator) can be abused for privilege escalation.